Multiple signatures to create a reference to an irt object
- Previous message (by thread): Multiple signatures to create a reference to an irt object
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Wilfried Woeber, UniVie/ACOnet
woeber at cc.univie.ac.at
Wed Apr 24 18:10:58 CEST 2002
Hi Alex! >So far, the response to my query has been, well, nil :-( Maybe I'm asking >this question on the wrong list? This must have been tested before... > >Cheers, >Alex Well, I guess the answers are: NO (wrong list) and WELL... (tested for all situations) Do you want it on the WG agenda for next week? Wilfried. ___________ SWITCH - The Swiss Academic and Research Network ___________ Alexander Gall, SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland gall at switch.ch Tel: +41 1 268 1522 Fax: +41 1 268 1568 > Hello > > I've been playing around with PGP authentication and irt objects in the > test database and ran into the following problem. > > The relevant objects are > > mntner: SWITCH-MNT > irt: IRT-SWITCH > inetnum: 130.59.0.0 - 130.59.255.255 > key-cert: PGPKEY-C3BA4795 > key-cert: PGPKEY-82146071 > > They are all protected by SWITCH-MNT, which has a single auth attribute > pointing to PGPKEY-C3BA4795. Updates signed with this key work fine. > > IRT-SWITCH has the attribute auth: PGPKEY-82146071. > > What I would like to do is to add mnt-irt: IRT-SWITCH to the inetnum > object. If I understood correctly, I have to sign that update with two keys: > with key C3BA4795 because the inetnum is protected by SWITCH-MNT and with > 82146071 because a new reference to an irt object needs to be signed by > the key referenced in the irt's auth attribute. > > The question is, which MIME message sent to test-dbm at ripe.net > does this for me? > > My interpretation of the (rather brief) section "3.3.2 PGP support" in the > handbook is that I need to create a MIME message with nested signatures. > So, I created such a beast by hand because my mailer can't do that (see > first attachment). Apparently, the robot checks the outer signature but > does not recognize the inner multipart/signed content-type (see second > attachment). > > Unless my MIME encoding is wrong (which may well be the case :-) I must > have misunderstood the mechanism. > > Any help is appreciated. > -- > Alex > ___________ SWITCH - The Swiss Academic and Research Network ___________ > Alexander Gall, SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland > gall at switch.ch Tel: +41 1 268 1522 Fax: +41 1 268 1568 --------------------------------------------------------------------------------
- Previous message (by thread): Multiple signatures to create a reference to an irt object
- Next message (by thread): Multiple signatures to create a reference to an irt object
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ db-wg Archives ]